Jim Gettys wrote:
> It isn't clear to me if we should release the code (at least without
> some thought) to this part.

If it would help with "The Free Software Foundation's Campaign for Free BIOS" for laptops http://www.fsf.org/campaigns/free-bios.html, OLPC would also gain support from this community and the whole open source community for laptops and tablets. The keyboard/system controller in laptops is often used to control writes to the flash (and several other system areas) and has made it very difficult to support laptops with a Free BIOS.

>
> Here's what I'm paranoid about: that the serial flash rom in which
> LinuxBIOS and bootloader is stored gets overwritten, and the laptop is
> no longer a laptop, but an expensive brick. I particularly worry about
> someone writing a worm that manages to do this, and that
> thousands/millions of machines all over the world are unrecoverable.
> The logistics of repair are impossible. I will ask Mark Foster about
> how that flash gets write enabled; if we can absolutely in hardware
> inhibit write to the boot flash, then I get much less worried. I've
> sent him mail asking.

Several vendors have relied on "security through obscurity" to prevent worms or a virus from modifying the system BIOS. It's always been defeated. A very difficult AES + SHA-1 or SHA-256 hash based security scheme could be used, but it still would not be 100% secure.

> I do want the bootloader sequence in this flash to be able to load a
> second copy of itself out of the regular main flash so that later
> versions can be installed safely (with appropriate checksum checking).
> I don't want the situation we had on the iPAQ where you could possibly
> "brick" the unit when updating the bootloader. The iPAQ valhalla we had
> (you could send us a bricked iPAQ and we'd eventually reflash it via
> jtag and return it) was a PITA, and not feasible for OLPC. We have to
> ensure boot and restore is absolutely bulletproof.
> - Jim

Fallback BIOS in ROM plus a hardware switch/jumper to control writes to flash is one 100% solution.
Having a fallback BIOS image in flash would only be safe if the memory area in flash that stores the fallback BIOS image is completely inaccessible to writes unless a hardware switch/jumper is enabled.

-Bari

--
linuxbios mailing list
http://www.openbios.org/mailman/listinfo/linuxbios
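
The boot-time decision discussed in this thread (load the updated copy from main flash only after a checksum check, otherwise stay on the protected fallback), as an added example that is not part of the original message or of LinuxBIOS/OLPC code. The header layout, `IMG_MAGIC`, the choice of CRC-32 as the checksum and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IMG_MAGIC 0x424F4F54U /* constructed marker, not a LinuxBIOS value */
struct img_hdr { uint32_t magic, length, crc32; }; /* hypothetical layout */
enum boot_choice { BOOT_FALLBACK = 0, BOOT_UPDATE = 1 };
/* Standard reflected CRC-32 (polynomial 0xEDB88320), bitwise for brevity. */
uint32_t crc32_calc(const uint8_t *p, size_t n)
{
    uint32_t crc = 0xFFFFFFFFU;
    while (n--) {
        crc ^= *p++;
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320U & (0U - (crc & 1U)));
    }
    return ~crc;
}

/* Run from the write-protected copy: boot the slot only if it is intact. */
enum boot_choice select_boot_image(const uint8_t *slot, size_t slot_size)
{
    struct img_hdr h;
    if (slot == NULL || slot_size < sizeof h)
        return BOOT_FALLBACK;
    memcpy(&h, slot, sizeof h);
    if (h.magic != IMG_MAGIC ||                 /* erased or foreign data */
        h.length == 0 || h.length > slot_size - sizeof h) /* must fit slot */
        return BOOT_FALLBACK;
    if (crc32_calc(slot + sizeof h, h.length) != h.crc32)
        return BOOT_FALLBACK;                   /* torn or corrupted write */
    return BOOT_UPDATE;
}

/* Constructed slot. damage: 0 intact, 1 bit flip, 2 oversized length, 3 erased. */
enum boot_choice demo(int damage)
{
    uint8_t slot[64];
    const uint8_t payload[] = "constructed bootloader payload";
    struct img_hdr h = { IMG_MAGIC, (uint32_t)sizeof payload, 0 };
    h.crc32 = crc32_calc(payload, sizeof payload);
    if (damage == 2) h.length = 4096;
    memset(slot, 0xFF, sizeof slot);
    if (damage == 3) return select_boot_image(slot, sizeof slot);
    memcpy(slot, &h, sizeof h);
    memcpy(slot + sizeof h, payload, sizeof payload);
    if (damage == 1) slot[sizeof h + 5] ^= 0x01;
    return select_boot_image(slot, sizeof slot);
}
int main(void) { return (demo(0) == BOOT_UPDATE && demo(1) == BOOT_FALLBACK) ? 0 : 1; }
```

A CRC only catches accidental damage such as an interrupted update; it does not stop software that rewrites the slot together with a matching checksum. The check is therefore only as trustworthy as the write protection on the copy that runs it, which is the point the reply makes about a hardware switch/jumper.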
